
@amilz amilz commented Oct 29, 2025

  • [A09] Fixed pricing model does not require user to pay back fee payer outflow (closes PRO-504)
  • [A21] Permanent Delegate extension can be used to undo payments to Kora (closes PRO-505)
  • [B06] Price model documentation in FEES.md (closes PRO-506)
  • [B10] Usage limiter implements a permanent limit that cannot be reset (closes PRO-507)
  • [B11] Fee payer policy is not checked during config validation (closes PRO-508)

Closes PRO-503


Important

Update documentation to address security and configuration issues related to pricing models and fee payer policies, including new warnings and recommendations.

  • Documentation Updates:
    • Update CONFIGURATION.md to include security considerations for PermanentDelegate extension and fee payer policy settings.
    • Update FEES.md to clarify fee calculation components and pricing models.
  • Security Warnings:
    • Add warnings about risks of PermanentDelegate extension and fixed/free pricing models.
    • Recommend restrictive fee payer policies and authentication for fixed/free pricing.
  • Configuration Changes:
    • Clarify usage limits as permanent and require manual reset in CONFIGURATION.md.
    • Emphasize the need for Redis in usage limiting across multiple instances.

This description was created by Ellipsis for e17b2a4.

amilz added 5 commits October 28, 2025 16:38
- update CONFIGURATION.md & FEES.md to provide security guidance for handling free/fixed fees and fee payer policies
- add security warnings for FREE configuration to config validator

Closes PRO-504
- update CONFIGURATION.md to warn about permanent delegate risk

closes PRO-505
- Updates FEES.md to specify that calculation model is only used for margin option. Renamed "Price Adjustment" to "Margin Adjustment" and improved clarity of explanation to reflect actual behavior
- Nit: updated Last updated of CONFIGURATION.md

Closes PRO-506
- Update CONFIGURATION.md to include additional detail about the permanent limits of `useage_limit`

Closes PRO-507
- updates CONFIGURATION.md with increased warning for feepayer policies (note: separate PR will update this based on new fee payer policy configuration)

Closes PRO-508
@amilz amilz self-assigned this Oct 29, 2025

@ellipsis-dev ellipsis-dev bot left a comment


Caution

Changes requested ❌

Reviewed everything up to ab5c034 in 1 minute and 45 seconds.
  • Reviewed 314 lines of code in 3 files
  • Skipped 0 files when reviewing.
  • Skipped posting 1 draft comment.
1. docs/operators/CONFIGURATION.md:8
  • Draft comment:
    The Overview bullet list has duplicate entries (e.g. 'RPC method availability' and 'Fee pricing models' appear twice). Consider removing the redundancies to improve clarity.
  • Reason this comment was not posted:
    Comment was not on a location in the diff, so it can't be submitted as a review comment.

Workflow ID: wflow_Jv4ZX1QfCC8eAQaG



linear bot commented Oct 29, 2025

@amilz amilz merged commit d1bf945 into release/feature-freeze-for-audit Oct 29, 2025
@amilz amilz deleted the chore-audit-documentation branch October 29, 2025 15:56

@ellipsis-dev ellipsis-dev bot left a comment


Important

Looks good to me! 👍

Reviewed e17b2a4 in 1 minute and 13 seconds.
  • Reviewed 106 lines of code in 1 file
  • Skipped 0 files when reviewing.
  • Skipped posting 1 draft comment.
1. crates/lib/src/validator/config_validator.rs:257
  • Draft comment:
    Removed the entire PriceModel::Free branch (warnings on allow_transfer settings) and replaced it with a no-op (_ => {}). Confirm that security warnings for free pricing are intentionally removed and that documentation reflects this change.
  • Reason this comment was not posted:
    Comment looked like it was already resolved.

Workflow ID: wflow_9FP1BE9qyBbazhvA
